Software, Architecture, lessons learned

Monday Dec 17, 2012

How to deal from an OEG11gR2 policy with OES11gR2 authorization with condition.

Authorization policies come in various flavors. If an authorization policy constitutes only of fixed elements, we can call it a static policy. At design time, by looking at a set of static policies we can be 100% sure of the final authorization decision. Dynamic policies are ones which need some additional piece of information which either varies with time or is present in an external repository. Static policies are easy to understand and computationally more efficient, so we should use static policies as much as possible and rely on dynamic policies only when absolutely necessary.

The Museum use-case demonstrates how to compose OES authorizations with dynamic conditions.